Why am I getting permission denied errors when uploading workspace data?

Last updated: September 8, 2025

Context

When running Terraform plans without autodeploy enabled, you may encounter permission denied errors when the system attempts to create a workspace tarball, particularly when accessing the .env_hooks file. This typically occurs when the Docker worker container is running as the root user instead of the required spacelift user.

Answer

This error occurs because Spacelift requires the worker container to run as the spacelift user (UID 1983) rather than root. When using a custom Docker image for your worker, ensure that:

  1. The spacelift user exists in your Docker image with UID 1983

  2. Your Dockerfile ends with the instruction `USER spacelift`

To properly configure your custom worker image:

  1. Add the following to your Dockerfile if building from scratch: 

    RUN useradd -u 1983 spacelift
# Add your customizations here
USER spacelift

  2. If the error persists, verify the running user in your container by checking file permissions in the /opt/spacelift directory - files should be owned by spacelift:spacelift, not root:root

As a temporary workaround, enabling autodeploy (autodeploy = true) will bypass the workspace upload process, but this is not recommended as a long-term solution.

For more information about customizing worker images, refer to our documentation on customizing the runner image.